Is our use of modified Linux subject to SCO's scrutiny? |
 |
EXPERT RESPONSE FROM: Scott Nathan
|
|
|
|
| > |
QUESTION POSED ON: 03 September 2003
We are users of uClinux which is basically a modification of the 2.4 kernel for embedded systems. We are running this kernel with our own developed software on a coldfire chip based board. This board costs about $30-$35 to make. SCO wants $32 per CPU for license. We are not under the umbrella of a distributor like Redhat. The only thing close is maybe Lineo or SecureEdge. Three questions:
- If we are using the 2.4 kernel but it is found out that our product does not include (i.e. linked in) the offending code do we still have to pay SCO? In other words, our kernel is highly customized and only includes that which we need -- and probably does not include the code SCO is complaining about.
- If we are using RedHat or MontaVista are we less protected?
- Should we worry about putting a statement that we have Linux inside our products on our web site? Having embedded Linux in our products is a selling point, but if we say "based on Linux" or something like that on the site, won't that bring attention to ourselves from SCO?
|
|
| > |
Thank you for these intriguing questions. I'll take them in order:
- This question raises a lot of issues, as well as a number of questions, and might be better addressed offline. A couple of general observations: First, on its best day, SCO will be limited in its claims to those users that are using either proprietary code owned by SCO and applications derived from such proprietary code (whether or nor the actual code lies inside those applications) to the extent that the applications could not have been developed without unauthorized access to the proprietary code. If your use of the 2.4 kernel neither includes the code that SCO claims to own nor was impermissibly derived therefrom, you have little risk. Second, and following on the first point, although I am unclear precisely what you might be licensing from SCO, if your company is not otherwise on the radar screen, has yet to receive a notice from SCO and you are not using any of the so-called protected code, the information that you have provided thus far suggests that it is unlikely that SCO will pursue you for a licensing fee. Depending on the answers to other questions, or changes in your business plans, this response might change.
- To the contrary. If you are a Red Hat licensee, you have the protection of Red Hat's status as a distributor and intermediary provided that you obtain the appropriate protections from Red Hat. Those protections include appropriate indemnification provisions and limitations on liability. The one exception that comes to mind on the basis of the limited record is that, to the extent you are knowingly violating SCO's copyrights (as by using code you know to infringe on SCO's copyright), you may be the subject of a separate claim for which Red Hat may not indemnify you. However, given the content of Red Hat's lawsuit against SCO, there is "plausible deniability" in your position.
- There are almost always trade-offs in business. The question is whether it is worth the risk from a business perspective to publicize the connection to Linux. Since I am not sure of your business model, I cannot respond effectively. Generically, if you distribute products using Linux (and therefore profit from the use of what SCO claims is its proprietary code) you are more likely to be in the line of fire than if you simply use such products (unless your company is a Global 1500 enterprise, in which case you are already on the radar). One response to this dilemma is to obtain insurance that will cover this risk and avoid further worries. Again, the possible directions of this topic suggest the need for more detailed discussions offline.
|
|
|
|
|
|
|
|
Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and
answer pairs from more than 250 TechTarget industry experts.
|
|
|
|
|
|
|
|
|
|
|
|
